Making compliance easier!

Products

Subscription Plan $795. 95 /year

Our yearly Subscription Service ("Service") includes all products currently available and any product updates released during the subscription year. The yearly renewal for our Service is $495 per year, on a year-to-year basis. Our Service represents a considerable value when compared to buying each individual product. Why? Because our Service not only includes all current products and updates, but it also includes access to all new products that are released during the year.

In addition to our products, the Service is our vehicle for making available content that is only offered to subscribers. Examples include regulatory updates, best practices, HITECH/HIPAA case law analysis and more "news you can use" complete with insights that you cannot find elsewhere. Please review our archived newsletters to get a feel for what you can expect. You will also get more detailed information regarding how to use our proven H 2 Compliance Scorecard to help you launch your compliance initiative. In short, in addition to products, our Service is built upon a robust methodology that helps you continue to meet your compliance objectives over time.

HIPAA Privacy Rule Checklist $229. 95 /year

Our HIPAA Privacy Rule Checklist ("Checklist") is intended to deliver guidance, including suggested policies, processes, and tracking mechanisms that will allow you to make sense out of this new terrain. It is intended as a knowledge transfer vehicle that allows you to derive the HIPAA Privacy Rule compliance solution that works best within your organization. Our Checklist will "walk you through" the relevant statutory/regulatory sections of the HIPAA Privacy Rule, highlighting the policies, processes and tracking mechanisms required at a granular level.

Our Checklist is comprised of Checklist Items that have the following components:

1) a policy statement that reflects an organization's intentions: the what;

2) a definition of a process by which the policy is implemented: the how; and

Model Notice of Privacy Practices $79. 95 /year

This Model Notice of Privacy Practices ("NOPP"), reflects modifications to the NOPP mandated by the Omnibus Rule. HHS has indicated that these changes are "material" and therefore require action on the part of Covered Entities. This Policy is one of a number of templates included in our Privacy Rule Checklist as discussed below.

This Policy was derived from, and included in, our Privacy Rule Checklist ("PRCL") which is sold separately. The objectives of our PRCL are to explain the Privacy Rule in simple terms, and provide you with model policies (including this one), processes, and tracking mechanisms that help you comply with the Rule. Our PRCL helps you put workable policies and procedures in place that conform to the HITECH Act and the Privacy Rule, as best as practicable for your organization.

Model Privacy Rule Policy $79. 95 /year

This policy ("Policy") covers the entirety of the Privacy Rule ("Rule"), from permitted uses and disclosures to the administrative requirements. Instead of having a separate policy for each section of the Rule, with repeated and uncessary boilerplate in each, we chose to provide a comprehensive single document view of the Rule from a policy perspective. This Policy is one of a number of templates included in our Privacy Rule Checklist as discussed below.

This Policy was derived from, and included in, our Privacy Rule Checklist ("PRCL") which is sold separately. The objectives of our PRCL are to explain the Privacy Rule in simple terms, and provide you with model policies (including this one), processes, and tracking mechanisms that help you comply with the Rule. Our PRCL helps you put workable policies and procedures in place that conform to the HITECH Act and the Privacy Rule, as best as practicable for your organization.

HIPAA Cloud, Social Media, and Mobile Checklist $229. 95 /year

Our HIPAA Cloud, Social Media, and Mobile Checklist ("CSMM") ("Checklist") is intended to deliver guidance, including suggested policies, processes, and tracking mechanisms that allow you to make sense out of this new and quickly evolving terrain. The healthcare industry is adopting Cloud, Social Media, and Mobile technologies at an unprecedented rate. Although these enabling technologies collectively help drive the point of care anywhere vision and productivity, they also present unique and unanticipated compliance challenges. Our Checklist is intended as a knowledge transfer vehicle that allows you to derive the CSMM compliance solution that works best within your organization. Our Checklist will "walk you through" the relevant sections of the CSMM, highlighting the policies, processes and tracking mechanisms required at a granular level.

Our Checklist is comprised of Checklist Items that have the following components:

1) a policy statement that reflects an organization's intentions: the what;

2) a definition of a process by which the policy is implemented: the how; and

Model Mobile Policy $49. 95 /year

This Model Mobile Policy ("MPP") reflects best practices for dealing with the compliance challenges presented by mobile devices (phones, pad, latops, etc.). The next few years are going continue to be full of headlines in healthcare journals on the explosion of Mobile Device usage among clinical professionals and the role that these devices continue to play in major PHI data breaches. This Policy is one of a number of policies included in our Cloud, Social Media, and Mobile Checklist as discussed below.

This MMP was derived from our Cloud, Social Media, and Mobile Checklist ("CSMM") which is sold separately. The objectives of our CSMM are to explain cloud, social media and mobile HITECH/HIPAA compliance issues in simple terms, and provide you with model policies (including this one), processes, and tracking mechanisms that help you comply with these emerging challenges. Our CSMM helps you put workable policies and procedures in place that conform to the HITECH Act and HIPAA regulations, as best as practicable for your organization.

HIPAA Breach Notification Framework $49. 95 /year

Section 13402 of the HITECH Act requires that HIPAA covered entities and their business associates provide various notifications following a breach of unsecured protected health information. Our Breach Notification Framework offers guidance for complying with HITECH's Breach Notification requirements. With the Framework, you'll be able to determine when, how and to whom breach notices must be sent and whether your existing plan needs a major overhaul or just a simple adjustment.

HIPAA Breach Notification Policy $29. 95 /year

This policy ("Policy") implements section 13402 of the Health Information Technology for Economic and Clinical Health ("HITECH") Act which requires HIPAA covered entities and their business associates to provide notification following a breach of unsecured protected health information. The objective of this Policy is to ensure that your organization fully complies with HITECH's Breach Notification requirements.

The Policy was derived from our Breach Notification Framework which is sold separately. The objective of our Framework is to explain the breach notification regulations in simple terms, and provide your organization with guidelines and tools for implementing, refining and measuring breach notification policies and procedures. This product is also included in our HIPAA Breach Notification Framework as a complementary FREE Gift.

Business Associate Agreement Model Contract $179. 95 /year

Why do you even need a Business Associate Agreement? HIPAA regulations and the HITECH Act mandate that a Covered Entity establish a written contract with a Business Associate in a number of instances, including whenever a Business Associate "manages" Protected Health Information on behalf of a Covered Entity. Our Business Associate Agreement Model Contract is a quick, simple solution for both Covered Entities and Business Associates.

HITECH and HIPAA Compliant - The provisions in our model Business Associate-to-Business Associate Agreement meet the requirements of both HIPAA (including the recent Omnibus Rule changes) and the HITECH Act.

QUICK and EASY - For most small practices/businesses this agreement is a "right out of the box" solution. You can literally just fill in the blanks on the Business Associate-to-Business Associate Template, print it out and you're ready to go.
REUSE IT - Your business entity/practice can reuse the Business Associate-to-Business Associate Agreement for each and every Business Associate relationship requiring a Business Associate Agreement.
CUSTOMIZABLE - Even though the Business Associate-to-Business Template was developed to be an "out of the box" solution for small practices and businesses, the supporting annotated documents and user's guide walk you through the contract, identifying potential issues and making suggestions for suitable modifications to the agreement.
KNOW What You're SIGNING - Sooner or later, someone from another practice or business is going to put their version of a Business Associate Agreement in front of you. Our annotated agreement and user's guide helps you fully understand what you are committing your organization to when you sign on their dotted line. Moreover, you will be able to better identify any pitfalls or omissions the "other guys" may have in their agreement.
Download it NOW! - As soon as you complete your purchase you will receive an e-mail with instructions for downloading your copy of the Business Associate-to-Business Template and supporting documentation.

The HIPAA Frameworks Combo Package $299. 95 /year

This package includes: (1) HIPAA Breach Notification Framework; (2) Business Associate Agreement; (3) The Security Rule Under HITECH: A Business Associate's Perspective; and (4) the HITECH Breach Notification Policy in an all in one package at considerable savings.

We walk you through the changing relationship between Business Associates and Covered Entities and how the HITECH Act, and the Omnibus Rule, is having a transformative effect on on the ways in which these parties will work together going forward. We summarize over 500 pages of the Omnibus Rule on a rule-by-rule basis so the modification can be digested in manageable "news you can use" components.

HITECH Training Module $49. 95 /year

HITECH and HIPAA Compliant - Our HITECH Training Module gets you up to speed on the changes that have transformed HIPAA from a paper tiger into legislation with real teeth. You get a training video, presentation, and a HITECH Quiz that can be be used to verify HITECH training class attendance within your organization. The training video is well suited for group and/or individual training. In addition, the training material contains live links to the full text of the statute and regulations in order to enhance the educational experience.

QUICK and EASY CUSTOMIZATION - You could spend thousands of dollars developing training in house or pay consultants more to do the same. Our HITECH Training Module provides your organization our files in native format so that you can customize the training to your organizational requirements or use it as is right out-of-the-box.

REUSE IT - Reuse our training materials over and over as you add new members to your workforce.

HIPAA Privacy Rule Training Module $49. 95 /year

HIPAA Privacy Rule Training - Our HIPAA Privacy Rule Under HITECH Training Module gets you up to speed regarding how the HITECH Act has impacted the HIPAA Privacy Rule and how marketplace trends are impacting it as well.

We walk you through the entirety of the Privacy Rule and discuss the impact that the HITECH Act has had under three major sections: 1) Uses and Disclosures of PHI contained in Sections § 164.502 through § 164.514; 2) the Patient's Bill of Rights contained in Sections § 164.520 through § 164.528; and 3) the Administrative Requirements contained in Section § 164.530.

PACKAGE CONTENTS: You get a training video, presentation, and a Privacy Rule Under HITECH Quiz (and answer key) that can be be used to verify your Privacy Rule Training class attendance within your organization. The training video is well suited for group and/or individual training. In addition, the training material contains live links to the full text of the statute and regulations in order to enhance the educational experience.

QUICK and EASY CUSTOMIZATION - You could spend thousands of dollars developing training in house or pay consultants more to do the same. Our Privacy Rule Training Module provides your organization our files in native format so that you can customize the training to your organizational requirements or use it as is right out-of-the-box.

REUSE IT - Reuse our training materials over and over as you add new members to your workforce.

HIPAA Security Rule Training Module $49. 95 /year

HIPAA Security Rule Training - Our HIPAA Security Rule Under HITECH Training Module gets you up to speed regarding how the HITECH Act has impacted the HIPAA Security Rule and how marketplace trends are impacting it as well.

We walk you through the entirety of the Security Rule and discuss the impact that the HITECH Act has had under three major sections: 1) Administrative Safeguards; § 164.308; 2) the Technical Safeguards § 164.312; and 3) the Physical Safeguards § 164.310.

PACKAGE CONTENTS: You get a training video, presentation, and a Security Rule Under HITECH Quiz (and answer key) that can be be used to verify your Security Rule Training class attendance within your organization. The training video is well suited for group and/or individual training. In addition, the training material contains live links to the full text of the statute and regulations in order to enhance the educational experience.

QUICK and EASY CUSTOMIZATION - You could spend thousands of dollars developing training in house or pay consultants more to do the same. Our Security Rule Training Module provides your organization our files in native format so that you can customize the training to your organizational requirements or use it as is right out-of-the-box.

REUSE IT - Reuse our training materials over and over as you add new members to your workforce.

Breach Notification Training Module $49. 95 /year

BREACH NOTIFICATION TRAINING - Our HITECH Breach NotificationTraining Module gets you up to speed regarding the 800 pound gorilla of the HITECH Act. We walk you through a methodology for determining when notification is triggered, and how to notify patients, HHS, and prominent media according to applicable law. We also discuss the processes you need to have in place in order to track security incidents effectively in your organization. Finally, we review the Costs of Non-Compliance to ensure that you understand the potential risks your organization faces should a major breach occur.

PACKAGE CONTENTS: You get a training video, presentation, and a HITECH Breach Notification Quiz (and answer key) that can be be used to verify HITECH Breach Notification Training class attendance within your organization. The training video is well suited for group and/or individual training. In addition, the training material contains live links to the full text of the statute and regulations in order to enhance the educational experience.

QUICK and EASY CUSTOMIZATION - You could spend thousands of dollars developing training in house or pay consultants more to do the same. Our HITECH Breach Notification Training Module provides your organization our files in native format so that you can customize the training to your organizational requirements or use it as is right out-of-the-box.

REUSE IT - Reuse our training materials over and over as you add new members to your workforce.

HIPAA Business Associates Training Module $49. 95 /year

HIPAA Business Associates Training - Our HIPAA Business Associates Under HITECH Training Module gets you up to speed regarding how the HITECH Act has impacted Business Associates and the implications of these changes with respect to: 1) the HIPAA Security Rule; 2) the HIPAA Privacy Rule; and 3) the Breach Notification Rule.

We walk you through the changing relationship between Business Associates and Covered Entities and how the HITECH Act is having a transformative effect on how these parties work together going forward. We also cover changes to the Business Associate Contract required and otherwise necessitated by the Act.

PACKAGE CONTENTS: You get a training video, presentation, and a Business Associates Under HITECH Quiz (and answer key) that can be be used to verify your Business Associate Training class attendance within your organization. The training video is well suited for group and/or individual training. In addition, the training material contains live links to the full text of the statute and regulations in order to enhance the educational experience.

QUICK and EASY CUSTOMIZATION - You could spend thousands of dollars developing training in house or pay consultants more to do the same. Our Business Associate Training Module provides your organization our files in native format so that you can customize the training to your organizational requirements or use it as is right out-of-the-box.

REUSE IT - Reuse our training materials over and over as you add new members to your workforce.

Mobile Devices Training Module $29. 95 /year

Mobile Devices Training - Our Mobile Devices Under HITECH Training Module gets you up to speed on how Mobile Devices have impacted the HIPAA Rules including: 1) the HIPAA Security Rule; 2) the HIPAA Privacy Rule; and 3) the Breach Notification Rule. We walk you through Mobile Device (phones, pads, laptops, etc.) challenges created by locally stored PHI, asset management, bring your own device ("BYOD"), wireless networks and audits, as well as the best practices that help you meet these challenges. It short, we present an overiew of what your mobile compliance initiative ("MDI") should consist of, keeping in mind that most PHI data breaches occur as a result of Mobile Devices.

Social Media Training Module $29. 95 /year

Social Media Training - Our Social Media Under HITECH Training Module gets you up to speed regarding how Social Media has impacted the HIPAA Rules including: 1) the HIPAA Security Rule; 2) the HIPAA Privacy Rule; and 3) the Breach Notification Rule. We walk you through Social Media governance, challenges and best practices. We present an overiew of what your Social Media compliance initiative ("SMI") should consist of, keeping in mind that today everyone in your workforce is a potential publisher.

PACKAGE CONTENTS: You get a training video, presentation, and a Social Media Under HITECH Quiz (with answer key) that can be used to verify class attendance within your organization. The training video is well suited for group and/or individual training. In addition, the training materials contain live links to the full text of the statute and regulations in order to enhance the educational experience. Our Social Media training is derived from our HIPAA Cloud, Social Media, and Mobile Checklist under HITECH, which is sold as a separate product.

QUICK and EASY CUSTOMIZATION - You could spend thousands of dollars developing training in house or pay consultants more to do the same. Our Social Media Training Module provides your organization with our files in native format so that you can customize the training to your organizational requirements or use it as is right out-of-the-box.

REUSE IT - Reuse our training materials over and over as you add new members to your workforce.

HIPAA Survival Guide Fourth Edition $29. 95 /year

The Fourth Edition of the HIPAA Survival Guide updates the Third Edition of the Guide with the recent Omnibus Rule modifications. The Omnibus Rule modifications are placed contextually throughout the Guide depending on the part of the Rules modified. All regulatory links in the Fourth Edition point to the the Omnibus Rule Ready regulations on the HIPAA Survival Guide website.

The Fourth Edition also comes with a rigorous and detailed summary of the HHS Omnibus Rule. The summary reduces the 500 pages contained in the Rule to a manageable number of pages, providing you only the essence of what was modified. In short, "news you can use."

The HITECH Act has indeed proven to be transformational. The Fourth Edition of the Guide is foundational to your understanding of the Rules going forward. Accept no substitute.

The Security Rule : A Business Associate's Perspective $29. 95 /year

The most important step for building a "good Security Rule compliance story" is for the business associate to get started. The approach recommended herein is to build the story iteratively over time. Most business associates (large or small) will likely need help in creating the story. Getting started in the wrong direction initially could be far more costly in the long run, since much of the compliance budget may simply be wasted. The framework discussed throughout this document provides a good road map to follow.